func (client *clientImpl) encryptTxVersion1_2(tx *obc.Transaction) error { // Create (PK_C,SK_C) pair ccPrivateKey, err := client.eciesSPI.NewPrivateKey(rand.Reader, conf.GetDefaultCurve()) if err != nil { client.error("Failed generate chaincode keypair: [%s]", err) return err } // Prepare message to the validators var ( stateKey []byte privBytes []byte ) switch tx.Type { case obc.Transaction_CHAINCODE_NEW: // Prepare chaincode stateKey and privateKey stateKey, err = utils.GenAESKey() if err != nil { client.error("Failed creating state key: [%s]", err) return err } privBytes, err = client.eciesSPI.SerializePrivateKey(ccPrivateKey) if err != nil { client.error("Failed serializing chaincode key: [%s]", err) return err } break case obc.Transaction_CHAINCODE_QUERY: // Prepare chaincode stateKey and privateKey stateKey = utils.HMACTruncated(client.queryStateKey, append([]byte{6}, tx.Nonce...), utils.AESKeyLength) privBytes, err = client.eciesSPI.SerializePrivateKey(ccPrivateKey) if err != nil { client.error("Failed serializing chaincode key: [%s]", err) return err } break case obc.Transaction_CHAINCODE_EXECUTE: // Prepare chaincode stateKey and privateKey stateKey = make([]byte, 0) privBytes, err = client.eciesSPI.SerializePrivateKey(ccPrivateKey) if err != nil { client.error("Failed serializing chaincode key: [%s]", err) return err } break } // Encrypt message to the validators cipher, err := client.eciesSPI.NewAsymmetricCipherFromPublicKey(client.chainPublicKey) if err != nil { client.error("Failed creating new encryption scheme: [%s]", err) return err } msgToValidators, err := asn1.Marshal(chainCodeValidatorMessage1_2{privBytes, stateKey}) if err != nil { client.error("Failed preparing message to the validators: [%s]", err) return err } encMsgToValidators, err := cipher.Process(msgToValidators) if err != nil { client.error("Failed encrypting message to the validators: [%s]", err) return err } tx.ToValidators = encMsgToValidators // Encrypt the rest of the fields // Init with chainccode pk cipher, err = client.eciesSPI.NewAsymmetricCipherFromPublicKey(ccPrivateKey.GetPublicKey()) if err != nil { client.error("Failed initiliazing encryption scheme: [%s]", err) return err } // Encrypt chaincodeID using pkC encryptedChaincodeID, err := cipher.Process(tx.ChaincodeID) if err != nil { client.error("Failed encrypting chaincodeID: [%s]", err) return err } tx.ChaincodeID = encryptedChaincodeID // Encrypt payload using pkC encryptedPayload, err := cipher.Process(tx.Payload) if err != nil { client.error("Failed encrypting payload: [%s]", err) return err } tx.Payload = encryptedPayload // Encrypt metadata using pkC if len(tx.Metadata) != 0 { encryptedMetadata, err := cipher.Process(tx.Metadata) if err != nil { client.error("Failed encrypting metadata: [%s]", err) return err } tx.Metadata = encryptedMetadata } return nil }